Firewall classifications that network engineers studying security technology for CCIE and HCIE should understand. To get a working grasp of firewalls, today we will briefly go through the categories of firewalls and the similarities and differences between them.
According to the different functions and mechanisms provided by firewalls, they are divided into the following categories:
01 Circuit-level firewall
This type of firewall is usually used as a relay for TCP connections. It intercepts TCP connections that try to reach the hosts it protects and completes the three-way handshake in place of the host. After the connection is established, the corresponding traffic is allowed to pass through the firewall and reach the host. Circuit-level firewalls do not inspect the data in the packets or any other information, so they are very fast. This type of firewall only guarantees that the TCP handshake has been completed before a connection is allowed.
02 Proxy firewall
The proxy firewall, as the name implies, can respond in place of applications. The proxy server firewall does its work by inspecting packets at the application layer: it intercepts the requests sent by the applications behind it, performs the requested functions on behalf of those applications, and then forwards the results to the requesting application. In this way, secure access is achieved. However, processing packets at the higher layers of the protocol stack slows the proxy server down.
03 Stateless packet filter firewall
A stateless packet filter is a fairly simple device located on the periphery of the network. It allows some packets to pass according to a set of rules while blocking other packets. This decision is made based on the address information in the network layer protocol (such as IP), but in some cases it is based on the information contained in the transport layer protocol (such as the TCP header or UDP header).
04 Stateful packet filter firewall
Unlike a stateless packet filter firewall, this type of firewall can block almost all traffic while still allowing the return traffic for connections initiated by devices behind the firewall. It does this by maintaining a record of the transport layer connections that hosts behind the firewall establish through the stateful packet filter. Most firewalls now use this mechanism.
Stateful packet filters are able to track various information about the packets they handle, which includes:
Source/destination TCP and UDP port numbers
TCP sequence numbers
TCP flags
TCP session state based on the TCP state machine defined in the RFCs
Timer-based UDP traffic tracking
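The difference between the two packet filter types can be shown with a small model. This is an added example, not code from the original article or from any firewall product: the Packet fields, the stateless_allow rule, the UDP_TIMEOUT value and the sample addresses are all assumptions made for illustration, and TCP sequence numbers are not validated here.

```python
# Added illustration: a toy model of stateless vs. stateful filtering, not a real firewall.
from dataclasses import dataclass

UDP_TIMEOUT = 30.0  # assumed idle timeout (seconds) for UDP pseudo-connections

@dataclass(frozen=True)
class Packet:
    proto: str            # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    inside: bool          # True when sent by a host behind the firewall
    flags: str = ""       # TCP flags: S=SYN, A=ACK, F=FIN, R=RST
    time: float = 0.0

def stateless_allow(p):
    """Header-only rule: all outbound, plus inbound TCP that carries the ACK bit."""
    return p.inside or (p.proto == "tcp" and "A" in p.flags)

class StatefulFilter:
    def __init__(self):
        self.table = {}   # connection key -> [state, last_seen]

    def allow(self, p):
        # The key is (proto, inside endpoint, outside endpoint) in both directions.
        ends = (p.src, p.sport, p.dst, p.dport) if p.inside else (p.dst, p.dport, p.src, p.sport)
        key = (p.proto, *ends)
        entry = self.table.get(key)
        if p.proto == "udp":
            if p.inside or (entry and p.time - entry[1] <= UDP_TIMEOUT):
                self.table[key] = ["UDP", p.time]   # create or refresh the timer
                return True
            self.table.pop(key, None)               # expired or never existed
            return False
        if p.inside and p.flags == "S":             # only an inside SYN opens a TCP entry
            self.table[key] = ["SYN_SENT", p.time]
            return True
        if entry is None:                           # no record: not return traffic
            return False
        if "R" in p.flags:                          # a reset tears the entry down
            del self.table[key]
            return True
        step = {("SYN_SENT", False, "SA"): "SYN_RCVD", ("SYN_RCVD", True, "A"): "ESTABLISHED"}
        if entry[0] in ("SYN_SENT", "SYN_RCVD"):    # handshake must follow the state machine
            nxt = step.get((entry[0], p.inside, p.flags))
            if nxt is None:
                return False
            entry[0] = nxt
        entry[1] = p.time
        return True
```

The stateless rule accepts any inbound segment whose headers match, while the stateful filter accepts it only when a matching connection record opened from behind the firewall exists and the handshake has progressed in order.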
Do you know the four classifications of firewalls now?
The above is the news sharing from PASSHOT. I hope you found it inspiring. If you think today's content is not too bad, you are welcome to share it with other friends. There are more of the latest Linux dumps, CCNA 200-301 dumps, CCNP Written dumps and CCIE Written dumps waiting for you.